Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security of client's private key #95

Closed
GoogleCodeExporter opened this issue Mar 19, 2015 · 9 comments
Closed

Security of client's private key #95

GoogleCodeExporter opened this issue Mar 19, 2015 · 9 comments

Comments

@GoogleCodeExporter
Copy link 

ics-openvpn only saves the location to CA cert, server cert and server key. 
Since both certificates are public data, it's not an issue referring to them on 
the SD card. However, the server's private key must be protected from other 
apps as well as external access to SD card.

I propose saving all certificates and private key to app's private storage 
instead of only storing their locations. Another advantage of doing so is 
removing ics-openvpn's dependence on SD card to operate.

Original issue reported on code.google.com by [email protected] on 30 Sep 2012 at 6:43
@GoogleCodeExporter
Copy link
Author 

When you import the data it is stored inside the app's own storage. Also the 
FAQ on security.

Original comment by [email protected] on 30 Sep 2012 at 12:00

  • Changed state: Invalid

@GoogleCodeExporter
Copy link
Author 

OK, so I missed the "import" button and the fact that it can be missed is an 
issue. I suggest to restrict the user to only allow "importing" the private key 
by disabling/removing the "select" button.

Original comment by [email protected] on 30 Sep 2012 at 12:08

@GoogleCodeExporter
Copy link
Author 

I don't like disabling the select option. There may be use cases which require 
the key on the file system. But I can make a warning dialog if the user selects 
"select"

Original comment by [email protected] on 1 Oct 2012 at 5:13

@GoogleCodeExporter
Copy link
Author 

Ye, a warning is a good way to do it.

Original comment by [email protected] on 2 Oct 2012 at 8:07

@GoogleCodeExporter
Copy link
Author

Original comment by [email protected] on 8 Oct 2012 at 10:29

  • Changed state: Accepted
  • Added labels: Type-Enhancement
  • Removed labels: Type-Defect

@GoogleCodeExporter
Copy link
Author 

hi,how to use the software apk, please

Original comment by [email protected] on 3 Feb 2013 at 3:42

@GoogleCodeExporter
Copy link
Author 

@6 This has nothing to do with this bug. Please look at the FAQ.

Original comment by [email protected] on 3 Feb 2013 at 3:53

@GoogleCodeExporter
Copy link
Author 

The new version has a preselected "Import to configuration" check box.

Original comment by [email protected] on 10 Mar 2013 at 1:05

@GoogleCodeExporter
Copy link
Author

Original comment by [email protected] on 9 Apr 2013 at 9:20

  • Changed state: Fixed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@GoogleCodeExporter